[Touch-packages] [Bug 1689796] [NEW] sudo + sssd does not work for IPA hostgroups

Wed, 10 May 2017 04:36:48 -0700 

Public bug reported:

As discussed on this page:
https://pagure.io/freeipa/issue/6139

Sudo + SSSD doesn't work with hostgroups.
As suggested, sudo upstream has a fix for this problem in 
https://www.sudo.ws/repos/sudo/rev/2eab4070dcf7

It looks similar to the issue https://bugs.launchpad.net/bugs/1688034
but is actually different.

1) root@ipa:~# lsb_release -rd 
Description:    Ubuntu 16.04.2 LTS
Release:        16.04

2)
root@ipa:~# apt-cache policy sudo
sudo:
  Installed: 1.8.16-0ubuntu1.3
  Candidate: 1.8.16-0ubuntu1.3
  Version table:
 *** 1.8.16-0ubuntu1.3 500
        500 http://localapt/ubuntu xenial-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.8.16-0ubuntu1 500
        500 http://localapt/ubuntu xenial/main amd64 Packages

3) I expect to be able to grant sudo rights based on IPA hostgroups

4) "testuser is not allowed to run sudo on cw-st-ipa.catawiki.net.  This
incident will be reported."

** Affects: sudo (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1689796

Title:
  sudo + sssd does not work for IPA hostgroups

Status in sudo package in Ubuntu:
  New

Bug description:
  As discussed on this page:
  https://pagure.io/freeipa/issue/6139

  Sudo + SSSD doesn't work with hostgroups.
  As suggested, sudo upstream has a fix for this problem in 
https://www.sudo.ws/repos/sudo/rev/2eab4070dcf7

  It looks similar to the issue https://bugs.launchpad.net/bugs/1688034
  but is actually different.

  1) root@ipa:~# lsb_release -rd 
  Description:  Ubuntu 16.04.2 LTS
  Release:      16.04

  2)
  root@ipa:~# apt-cache policy sudo
  sudo:
    Installed: 1.8.16-0ubuntu1.3
    Candidate: 1.8.16-0ubuntu1.3
    Version table:
   *** 1.8.16-0ubuntu1.3 500
          500 http://localapt/ubuntu xenial-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       1.8.16-0ubuntu1 500
          500 http://localapt/ubuntu xenial/main amd64 Packages

  3) I expect to be able to grant sudo rights based on IPA hostgroups

  4) "testuser is not allowed to run sudo on cw-st-ipa.catawiki.net.
  This incident will be reported."

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1689796/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to